package SV_CSRF_ORIGIN;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

public class Vulnerable {
    void doPost(HttpServletRequest req, HttpServletResponse resp) {
        String action = req.getParameter("action");
        String id = req.getParameter("id");

        if("update".equals(action)){
            updateUser(id, req);
        }
        //...
    }

    void updateUser(String userid, HttpServletRequest req) {
        //...
    }

}
